CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49404 – RDMA/hfi1: Fix potential integer multiplication overflow errors
https://notcve.org/view.php?id=CVE-2022-49404
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. ... • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-49403 – lib/string_helpers: fix not adding strarray to device's resource list
https://notcve.org/view.php?id=CVE-2022-49403
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: lib/string_helpers: fix not adding strarray to device's resource list Add allocated strarray to device's resource list. ... In the Linux kernel, the following vulnerability has been resolved: lib/string_helpers: fix not adding strarray to device's resource list Add allocated strarray to device's resource list. • https://git.kernel.org/stable/c/acdb89b6c87a2d7b5c48a82756e6f5c6f599f60a •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49402 – ftrace: Clean up hash direct_functions on register failures
https://notcve.org/view.php?id=CVE-2022-49402
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: [ ] general protection fault, probably for non-canonical address \ 0x200000000000010: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC PTI [...] [ ] RIP: 0010:ftrace_find_rec_direct+0x53/0x70 [ ] Code: 48 c1 e0 03 48 03 42 08 48 8b 10 31 c0 48 85 d2 74 [...] [ ] RSP: 0018:ffffc9000138bc10 EFLAGS: 00010206 [ ] RAX: 000000000000... • https://git.kernel.org/stable/c/763e34e74bb7d5c316015e2e39fcc8520bfd071c •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-49401 – mm/page_owner: use strscpy() instead of strlcpy()
https://notcve.org/view.php?id=CVE-2022-49401
26 Feb 2025 — invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 4087 Comm: dhcpcd-run-hooks Not tainted 5.18.0-rc3-syzkaller-01537-g20b87e7c29df #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:fortify_panic+0x18/0x1a lib/string_helpers.c:980 Code: 8c e8 c5 ba e1 fa e9 23 0f bf fa e8 0b 5d 8c f8 eb db 55 48 89 fd e8 e0 49 40 f8 48 89 ee 48 c7 c7 80 f5 26 8a e8 99 09 f1 ff <0f> 0b e8 ca 49 40 f8 48 8b 54 24 18 4c 89 f1 48 c7 c7 00 00 27 8a RSP: 0018:ffffc90000007... • https://git.kernel.org/stable/c/865ed6a3278654ce4a55eb74c5283eeb82ad4699 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49400 – md: Don't set mddev private to NULL in raid0 pers->free
https://notcve.org/view.php?id=CVE-2022-49400
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: md: Don't set mddev private to NULL in raid0 pers->free In normal stop process, it does like this: do_md_stop | __md_stop (pers->free(); mddev->private=NULL) | md_free (free mddev) __md_stop sets mddev->private to NULL after pers->free. In the Linux kernel, the following vulnerability has been resolved: md: Don't set mddev private to NULL in raid0 pers->free In normal stop process, it does like this: do_md_stop | __md_stop (pe... • https://git.kernel.org/stable/c/00e3d58f50a875343124bcf5a9637520a492b0d1 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49399 – tty: goldfish: Use tty_port_destroy() to destroy port
https://notcve.org/view.php?id=CVE-2022-49399
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty_port_init() should be destroyed in error paths.In goldfish_tty_remove(), qtty->port also should be destroyed or else might leak resources. In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty... • https://git.kernel.org/stable/c/666b7793d4bfa9f150b5c2007ab48c755ddc53ca •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49398 – usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback
https://notcve.org/view.php?id=CVE-2022-49398
26 Feb 2025 — ->Thread#1 released lock ->dwc3_stop_active_transfers() ->dwc3_remove_requests() ->fetches n+1 item from cancelled_list (n removed by Thread#1) ->dwc3_gadget_giveback() ->dwc3_gadget_del_and_unmap_request()- n+1 deleted[cancelled_list] ->spin_unlock In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback The list_for_each_entry_safe() macro saves the current item (n) and the item after (n+1), so that n can be safely r... • https://git.kernel.org/stable/c/d4f1afe5e896c18ae01099a85dab5e1a198bd2a8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49397 – phy: qcom-qmp: fix struct clk leak on probe errors
https://notcve.org/view.php?id=CVE-2022-49397
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error (e.g. In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error (e.g. probe deferral). • https://git.kernel.org/stable/c/e78f3d15e115e8e764d4b1562b4fa538f2e22f6b •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49396 – phy: qcom-qmp: fix reset-controller leak on probe errors
https://notcve.org/view.php?id=CVE-2022-49396
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral). ... • https://git.kernel.org/stable/c/e78f3d15e115e8e764d4b1562b4fa538f2e22f6b •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49395 – um: Fix out-of-bounds read in LDT setup
https://notcve.org/view.php?id=CVE-2022-49395
26 Feb 2025 — ================================================================== BUG: KASAN: stack-out-of-bounds in syscall_stub_data+0x70/0xe0 Read of size 128 at addr 000000006411f6f0 by task swapper/1 CPU: 0 PID: 1 Comm: swapper Not tainted 5.18.0+ #18 Call Trace: show_stack.cold+0x166/0x2a7 __dump_stack+0x3a/0x43 dump_stack_lvl+0x1f/0x27 print_report.cold+0xdb/0xf81 kasan_report+0x119/0x1f0 kasan_check_range+0x3a3/0x440 memcpy+0x52/0x140 syscall_stub_data+0x70/0xe0 write_ldt_entry+0xac/0x190 init_new_ldt+0x515/0x960 ... • https://git.kernel.org/stable/c/858259cf7d1c443c836a2022b78cb281f0a9b95e • CWE-125: Out-of-bounds Read •